<?php
/**
 * File: handle_message.php
 *
 * This file will enforce that the user must log into Facebook before being
 * able to see the iHacky application. It will also check to see if the
 * user has a valid session. If the user does not have a valid session, this
 * file will redirect them to the Facebook login page.
 */
/**
 * 
 */
include 'lib/config.php';
include 'iHackyFunctions.php';
require_once 'lib/fbconfig.php';

printTitle();
printDashboard();
printBanner($user);
printFbmlTabs(4);

require_once 'client/facebook.php';
require_once 'lib/config.php';

$facebook = new Facebook($api_key, $secret);
$facebook->require_frame();
$user = $facebook->require_login();

//[todo: change the following url to your callback url]
$appcallbackurl = 'http://www.ikoaguild.com/ihacky';

//catch the exception that gets thrown if the cookie has an invalid session_key in it
try {
	if (!$facebook->api_client->users_isAppAdded()) {
		$facebook->redirect($facebook->get_add_url());
	}
} catch (Exception $ex) {
	//this will clear cookies for your application and redirect them to a login prompt
	$facebook->set_user(null, null);
	$facebook->redirect($appcallbackurl);
}

?>




<?php

// This page handles the POST from message.php
// Data from the POST fields are inserted into the database.
// Error checking can be done here.

$conn = getDbConn();

if(isset($_POST["read"]))
{
	$message_id = $_POST["message_id"];

	$query = "UPDATE MESSAGES SET MESSAGES.status = 1 WHERE MESSAGES.message_id = '$message_id'";

	$result = mysql_query($query, $conn) or die(mysql_error());

	if ($result)
	{
		echo "<br> Message marked successfully. <a href=\"messagebox.php\">Click to go back. </a> <br>";
	}
	else
	{
		echo "<br> Fail to mark message. <a href=\"messagebox.php\">Click to go back. </a> <br>";
		echo "Sender: $sender <br> Recipient: $recipient <br> Subject: $messageSubject";
	}
}
else if(isset($_POST["delete"]))
{
	$message_id = $_POST["message_id"];

	$query = "DELETE FROM MESSAGES WHERE message_id = '$message_id'";

	$result = mysql_query($query, $conn) or die(mysql_error());

	if ($result)
	{
		echo "<br> Message deleted successfully. <a href=\"messagebox.php\">Click to go back. </a> <br>";
	}
	else
	{
		echo "<br> Fail to delete message. <a href=\"messagebox.php\">Click to go back. </a> <br>";
		echo "Sender: $sender <br> Recipient: $recipient <br> Subject: $messageSubject";
	}
}
else
{
	echo "Looks like nothing happened...<a href=\"messagebox.php\">Click to go back. </a> "	;

}
closeDb($conn);


?>